Splunk Search

Community Activity

Could not read event. Results may be incomplete Hello, I am seeing the following error while running Splunk search. "idx=##INDEX NAME HERE## Could not read event: c... by arpit_arora Explorer in Splunk Search 11-26-2018 2 5	2	5
How do I use lookups where field has two formats? Owing to the way exchange outputs log files, for some reason we get two versions of the cs_username field username ... by capilarity Path Finder in Splunk Search 11-26-2018 0 1	0	1
Why isn't table column formatting working for some rows in the following search? Can anyone tell me why coloring on these true/false values is not working for all the rows? by ddelapasse Explorer in Splunk Search 11-26-2018 0 3	0	3
Can you help me with my subsearch? Hello I try to combine the 2 queries below QUERY 1 index="ai-wkst-wineventlog-fr" sourcetype=XmlWinEventLog so... by jip31 Motivator in Splunk Search 11-26-2018 0 0	0	0
After building a regex for transforms.conf and props.conf, why am I unable to see correctly extracted fields? I need help. I am unable to see the correct value after extracting a field with this regex. Why is the parser not ex... by PCIIT New Member in Splunk Search 11-26-2018 0 2	0	2
While clicking on object of dashboard, I am getting 404 404 Not Found Return to Splunk home page Page not found! View more information about your request (request ID = 5bf... by csharm21 Loves-to-Learn in Splunk Search 11-25-2018 0 1	0	1
Online [realtime] integration with WebApp Hello, We have WebApp within a Company. It is necessary to receive Authorization Requests (AR) from WebApp for onlin... by gerrard851 New Member in Splunk Search 11-25-2018 0 5	0	5
how to get custom table from logs Hi, I am having trouble in my queries. My logs are as below: 18/11/2018 12:00:41 IISYS export of Server 1 success... by dhirendra224761 New Member in Splunk Search 11-25-2018 0 4	0	4
Please Help a"search depends" and "search rejects" not working ISSUE Hi All I have two-drop down boxes with a 1 –many relationship with tokens “service family” and “feature” as be... by HenryFitzerald New Member in Splunk Search 11-25-2018 0 0	0	0
Can you help me fix my search which detects and alerts on campaign spikes from partners? Hi, The following is my query to list the API ingress flow of traffic from each of the partners. I would like to ad... by arunsubram Explorer in Splunk Search 11-24-2018 0 2	0	2
In a table format, how can I color a field if its value is greater than a certain number? Hello Splunkers, I have data in the following format: /dev/mapper/splunkcisvg-auditlv 8.0G 353M 7.7G 5% /var/... by kannu Communicator in Splunk Search 11-23-2018 0 3	0	3
ReplicationStatus failed . Search returning no results. Hi we have two searchheads s1 and s2 and two indexers i1 and i2. I am getting below error Unable to distribute to... by spoolunk Engager in Splunk Search 11-23-2018 0 0	0	0
Can you help me get this table from the following query? HI All, Below Query: \| convert ctime(_time) AS Date timeformat="%d/%m/%y" \| eval File_Copied=case(File_Copied="Nat... by dhirendra761 Contributor in Splunk Search 11-23-2018 0 5	0	5
How do I append columns to a search via inputlookup where the field names do not match? I'm relatively new to Splunk and I'm trying to use an existing lookup table to append columns to a search where the f... by jguthrie71 Explorer in Splunk Search 11-23-2018 0 4	0	4
How do you calculate the total disk size in MB? hello, I use this query in order to calculate the remaining space in percent. I also need to calculate the disk siz... by jip31 Motivator in Splunk Search 11-23-2018 0 3	0	3
Count of zero and non zero values in a table? I have a search which generates a table as below. The column value is epoch time. IP 1542682800 1542684600 154268... by mihikaraj New Member in Splunk Search 11-22-2018 0 4	0	4
Configure a Vsphere VM for Splunk Hello, How do I configure a vSphere VM (Windows Server 2016) for a SPLUNK deployment? So far I have done the follow... by ironaddict Engager in Splunk Search 11-22-2018 1 1	1	1
Using a lookup to translate an IP to host name which can then be used in a search where only hostnames populate the field Hi, I am trying to create a dashboard where a user can use either a hostname or IP address to search through Windows... by gerald_contrera Path Finder in Splunk Search 11-22-2018 0 3	0	3
How do we include our "app" assets on every page within an application? How do we include our "app" assets on every page within an application, we can pre-compile the components to use in a... by lucasfbeinjamin Path Finder in Splunk Search 11-22-2018 0 0	0	0
Accessing data become slow over time Hello, I am uploading few logs to Splunk and accessing the data using complex tstat query. After few minutes of uplo... by AKG1_old1 Builder in Splunk Search 11-22-2018 0 0	0	0
Why won't my multiple "eval if match" expressions work? Hi I'm trying to check a field for an OS. If Windows, then replace the entire field with "Windows". If mac is found,... by jsven7 Communicator in Splunk Search 11-22-2018 1 14	1	14
How to get the values for time_hour? I have a below query, which displays the Success, Failure, Total and Failure_Percent by time_hour. It only displays t... by abhi04 Communicator in Splunk Search 11-22-2018 0 1	0	1
Generating statistics from combined fields using rex Hi, I'm having difficulty creating a splunk query which generates an overview of field combinations using regular ex... by josipj New Member in Splunk Search 11-21-2018 0 1	0	1
Extract Field from Multiple lines of 1 event I have an event that I'm trying to extract the Email address between "Forwarding Address: " and ", Verification" The... by rwiltzius2 Engager in Splunk Search 11-21-2018 0 14	0	14
How do I append event(s) fields to a separate event based on two timestamps? Hello, I have two sets of data: Trip Metadata(A) and Individual Trip Coordinates(B). Set A fields: - StartTime -... by kligms Engager in Splunk Search 11-21-2018 0 4	0	4